How Do You Get a NIC to Permanently Be in a firewalld Zone with a Single Command?

Problem scenario
A NIC (network interface) is not being protected by a zone in firewalld. You run firewall-cmd commands and then run "firewall-cmd --runtime-to-permanent". But the NIC (e.g., a virtual NIC) will not persistently remain in a zone. You want your firewall-cmd commands to have a permanent effect. The "firewall-cmd --runtime-to-permanent" command is supposed to work, but it is not helping. What should you do?

Solution
Run the individual firewall-cmd commands with the "--perm" flag. We don't know why the "firewall-cmd --runtime-to-permanent" command does not always work.
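
The following is an added example, not part of the original page: a shell function that goes slightly beyond the single command by setting the zone in both the permanent and runtime configuration and then reading both back to confirm the NIC is covered. It spells the flag as `--permanent`; the zone `public`, the interface `eth1`, the function names and the `FWCMD` override variable are assumptions for illustration.

```shell
#!/bin/sh
# Added example (not from the original page). Run as root on a host with firewalld.
# FWCMD is a hypothetical override so the function can be dry-run or tested.

# Accept only plain zone/interface names; reject empty values and anything
# starting with "-" so a name can never be parsed as a firewall-cmd option.
valid_name() {
    case "$1" in
        ''|-*|*[!A-Za-z0-9._:-]*) return 1 ;;
    esac
    return 0
}

# pin_nic_zone ZONE NIC
# Returns 0 on success, 1 if firewall-cmd failed, 2 on bad input,
# 3 if the permanent or runtime zone does not match afterwards.
pin_nic_zone() {
    pnz_zone=$1
    pnz_nic=$2
    pnz_fw=${FWCMD:-firewall-cmd}
    valid_name "$pnz_zone" || return 2
    valid_name "$pnz_nic" || return 2

    # Permanent configuration (survives reload and reboot).
    $pnz_fw --permanent --zone="$pnz_zone" --change-interface="$pnz_nic" >/dev/null || return 1
    # Runtime configuration (takes effect immediately).
    $pnz_fw --zone="$pnz_zone" --change-interface="$pnz_nic" >/dev/null || return 1

    # Read both configurations back instead of trusting the "success" output.
    pnz_perm=$($pnz_fw --permanent --get-zone-of-interface="$pnz_nic") || pnz_perm=""
    pnz_run=$($pnz_fw --get-zone-of-interface="$pnz_nic") || pnz_run=""
    if [ "$pnz_perm" != "$pnz_zone" ] || [ "$pnz_run" != "$pnz_zone" ]; then
        echo "zone mismatch for $pnz_nic: permanent='$pnz_perm' runtime='$pnz_run'" >&2
        return 3
    fi
    return 0
}

# Usage: pin_nic_zone public eth1
```

A return code of 3 means the NIC is still not in the intended zone in at least one of the two configurations, which is the condition described in the problem scenario.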

See also How Do You Get a NIC to Permanently Be in a firewalld Zone with Multiple Commands?
